144 lines
7.7 KiB
Text
144 lines
7.7 KiB
Text
|
==Phrack Inc.==
|
||
|
|
||
|
Volume One, Issue 7, Phile 4 of 10
|
||
|
|
||
|
-=:><:=--=:><:=--=:><:=--=:><:=--=:>\|/<:=--=:><:=--=:><:=--=:><:=--=:><:=-
|
||
|
|
||
|
-=:> Hacking The <:=-
|
||
|
-=:> Chilton Corporation Credimatic <:=-
|
||
|
-=:] By: Ryche [:=-
|
||
|
|
||
|
-=:} Written on June 24, 1986 {:=-
|
||
|
|
||
|
-=:><:=--=:><:=--=:><:=--=:><:=--=:>\|/<:=--=:><:=--=:><:=--=:><:=--=:><:=-
|
||
|
|
||
|
This is the complete version of Hacking Chilton. There is another one that is
|
||
|
floating around that's not as complete. If you see it anywhere please ask the
|
||
|
sysop to kill it and put this one in its place.
|
||
|
|
||
|
The Chilton Corp. is a major credit firm located on Greenville Ave. in Dallas,
|
||
|
Texas. This is where a lot of the companies that you apply for credit, check
|
||
|
you and your neighbors credit records. Unlike other credit systems such as TRW
|
||
|
and CBI, this one contains the records for people with good credit and doesn't
|
||
|
wipe out some of the numbers of the cards themselves. All information is
|
||
|
complete and includes full numbers as well as the bank that issued it, limit,
|
||
|
payments due, payments late, their SSN, current & former address, and also
|
||
|
their current and former employer. All you need to know to access this info is
|
||
|
the full name, and address of your "victim".
|
||
|
|
||
|
Now, how to hack the Chilton. Well, the Chilton system is located in Dallas
|
||
|
and the direct dialup (300/1200) is 214-783-6868. Be in half duplex and hit
|
||
|
return about 10 times until it starts to echo your returns. There is a command
|
||
|
to connect with E-mail that you can put in before echoing return. By echoing
|
||
|
the return key your signifying that you want the credit system. I wont go into
|
||
|
E-mail since there is nothing of special interest there in the first place. If
|
||
|
you are interested in it, try variations of /x** (x=A,B,C,etc.). All input is
|
||
|
in upper case mind you. Back to the credit part, once you echo return, you can
|
||
|
type: DTS Ctrl-s if you really need to see the date and time or you can simply
|
||
|
start hacking. By this, I mean:
|
||
|
SIP/4char. Ctrl-s
|
||
|
|
||
|
This is the Sign In Password command followed by a 4 character alpha numeric
|
||
|
password, all caps as I said before. You can safely attempt this twice without
|
||
|
anyone knowing your there. After the third failed attempt the company printer
|
||
|
activates itself by printing "Login Attempt Failed". This is not a wise thing
|
||
|
to have printed out while your trying to hack into it since there is always
|
||
|
someone there. If you try twice and fail, hit Ctrl-d, call back, echo, and try
|
||
|
again. You can keep doing this as long as you wish since there is no other
|
||
|
monitoring device than that printer I mentioned before. Since this only
|
||
|
activates when you fail to login correct you can safely say there is little if
|
||
|
no danger of your discovery. I would suggest going through an extender though
|
||
|
since Chilton does have access to tracing equipment. About the passwords, as
|
||
|
far as I know, there are 3 different classes of them with varying privileges,
|
||
|
these are:
|
||
|
|
||
|
1-User/Employee
|
||
|
2-Permanent/Secretary
|
||
|
3-Input Output
|
||
|
|
||
|
The first one is just to look and pull credit reports. These passwords go dead
|
||
|
every Sunday night at 11:00pm or so. The new ones are good from Monday to
|
||
|
Sunday night. Even though your pass is good for one week, there are limited
|
||
|
times you can use this. The credit system is only accessible at these times:
|
||
|
Mon-Fri: 8:00am to 11:00pm, Sat: 8:00am to 9:00pm, and Sun: 8:00am to 6:00pm
|
||
|
The second class is the same as the first except that these only change
|
||
|
whenever someone leaves the company. These were originally supposed to be set
|
||
|
up for the secretaries so that if they ever need quick access they could w/o
|
||
|
having to go down to the Credit Dept. every week for a new password. The
|
||
|
third is one I have never gotten..yet. It has the ability to alter a persons
|
||
|
credit reports for one month. At the first of the month the system updates all
|
||
|
reports and changes your alterations to the credit reports. Doing this though
|
||
|
would warrant going through a diverter since your fucking with someone's life
|
||
|
now. Once you have hacked a pass and it accepts the entry it will display the
|
||
|
warning:
|
||
|
|
||
|
****WARNING! UNAUTHORIZED ACCESS OF THIS SYSTEM IS A FEDERAL CRIME!****
|
||
|
|
||
|
Or something along the same lines. After this you should be left to input
|
||
|
something. This is where you enter either In House Mode, System Mode, or
|
||
|
Reporting Mode. In House Mode will give you the reports for the people living
|
||
|
in Dallas/Fort Worth and surrounding counties. System Mode is good for
|
||
|
surrounding states that include:
|
||
|
|
||
|
Massachusets, Illinois, Louisiana, Missouri, Arkansas, New Mexico, Colorado,
|
||
|
Arizona, some of New Jersey, and a few others I cant remember. There are 11
|
||
|
states it covers.
|
||
|
|
||
|
Reporting is a mode used for getting transcripts of a persons reports and would
|
||
|
require you to input a companies authorization number. So for this file lets
|
||
|
stick to In House and System. Get your victims stats ready and enter a mode:
|
||
|
|
||
|
In House: I/NH Ctrl-s (Dallas/Ft. Worth 214)
|
||
|
System: I/S Ctrl-s (All other NPA's)
|
||
|
|
||
|
After that its time to pull records. Type in:
|
||
|
|
||
|
I/N-Last Name/F-First Name/L-Street Name/Z-Zip Code/** Ctrl-s
|
||
|
|
||
|
If you don't know his street name, use 'A' and it will go into a global search
|
||
|
routine until it finds name that match or are at least 80% similar to the one
|
||
|
you used. Although the Zip Code is not needed and can be left out, it does
|
||
|
narrow the search field down considerably. Once it finds the name, it will
|
||
|
show you his Name, SSN, Current Address, Employer, and former ones if there
|
||
|
are any. Right after his name you will see a ID number. Sorta like: 100-xxxxx
|
||
|
Write this down as it is your key to getting his reports. After it finishes
|
||
|
listing what it has on him its time to see the full story. Type:
|
||
|
|
||
|
N/100-xxxxx/M/D Ctrl-s
|
||
|
|
||
|
What it will display now is his whole credit history. When you first pulled
|
||
|
his ID number you might have seen he had two names but with a variance like
|
||
|
middle name or a misspelled address. Pull both of them as they are just an
|
||
|
error in whoever put the reports in. I would suggest capturing this so that
|
||
|
you can refer back to it w/o having to access the system every time.
|
||
|
|
||
|
There is another way to get into Chilton through Tymnet but I have no idea of
|
||
|
the address for this and its a waste of time. If you happen to get the name
|
||
|
and address of an employee of the company forget the idea of pulling his
|
||
|
stats, Chilton doesnt allow employee records to be in there. One very good
|
||
|
point made not too long ago is the prospect of going through the phone book
|
||
|
and picking names at random.
|
||
|
|
||
|
Although Credit Card numbers are displayed credit card fraud is thwarted by
|
||
|
the small fact that it does not show expiration dates. No company making an
|
||
|
actual inquisition on a person would need that information and to prevent the
|
||
|
fraudulent or misuse of the information they were left out. There is an
|
||
|
interesting note that at one time in the companies history they did have a
|
||
|
small that signified a drug record. This was taken out as it wasn't
|
||
|
pertinent to the computers purpose and was only there because Borg Warner, the
|
||
|
company that owns Chilton wanted to pry into peoples lives. The computer has a
|
||
|
10 line rotary, so unless there are 11 people using it at the same time your
|
||
|
chances of getting a busy signal are almost if not next to nil.
|
||
|
|
||
|
Disclaimer:
|
||
|
|
||
|
The information provided in this file is a tutorial and is provided for the
|
||
|
purpose of teaching others about this system and how it operates. It is not
|
||
|
provided to promote the fraudulent use of credit cards or any other such
|
||
|
action(s) that could be considered illegal or immoral. Myself, and the
|
||
|
editors/publishers/distributors of this newsletter are in no way responsible
|
||
|
for the actions or intentions of the reader(s) of this file.
|
||
|
|
||
|
<>>>> Ryche <<<<>
|
||
|
_______________________________________________________________________________
|